Privacy Policy

INTRODUCTION

Purpose

Enoda Ltd (“Enoda”, “we” or “us”) respects your privacy and is committed to protecting your personal data.

This Privacy Policy describes how we, as a data controller, collect, process, use and share information about you, including Personal Data, through our website at www.enodatech.com (the “Site”) and in other ways.  

Personal Data means any information about an individual from which that person can be identified, as set out in Retained Regulation (EU) 2016/679 (UK GDPR).  Personal Data does not include data where your identity has been removed (anonymous data).

You should read this Privacy Policy carefully to understand what we do and how we process your Personal Data.  If you do not understand any aspects of our Privacy Policy, please contact us via the details set out at the end of this Policy.

Scope

This Privacy Policy applies to Personal Data we collect from you:

  • at and through www.enodatech.com;

  • when you communicate with us through email, text, other electronic messages, or via social media platforms; and

  • when you provide your Personal Data to us directly.

Third Party Websites

Our Site may also contain links to third party websites that are not owned or controlled by Enoda. We are not responsible for the privacy practices of websites not owned or operated by Enoda.

You should review the privacy policy available on each third party website you visit for its privacy practices.

No Personal Data from Children

This Site is not intended for children.  We do not knowingly collect data relating to children.

Terms of Use

Your use of our Site and this Privacy Policy are subject to our Terms of Use.

2. PERSONAL DATA WE COLLECT AND WHY WE COLLECT IT

Data you provide to us

We collect and process Personal Data when you communicate with us and when you use the Site.  Typically, you are the primary source of this Personal Data.  For additional information on the lawful basis on which we rely for our processing of your Personal Data, you should refer to Section 3 below, How We Use and Share Your Data.

The Personal Data we collect from you may include:

Identity Data: for example, your first name, surname, user name or other identifier, title, position.

Contact Data:  for example, your residential or business postal address, e-mail address, telephone number(s), and other contact information you may provide to us when you contact us.

Technical Data:  for example, your IP address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology and settings on the devices you use to access the Site.

Profile Data:  for example, your interests, preferences, responses and feedback.

Usage Data:  for example, information about how you use the Site.

Marketing and Communications Data:  for example, information about your preferences for receiving communications from us and our third parties and your preferred method of communication.

We do not collect any Special Categories of Personal Data about you.  Special Categories of Personal Data include details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data.  We do not collect any information about criminal convictions and offences.

We may collect information about you from publicly accessible sources or from trusted partners, such as our marketing or security partners.

Data we collect through Automatic Data Collection Technologies

As you navigate through our Site and otherwise interact with our Site, we may use automatic data collection technologies to collect certain information about how you use the Site and the devices you use.  For more information on how we use cookies and to learn how to manage cookies please see our Cookie Notice.

3. HOW WE USE AND SHARE YOUR DATA

Lawful Basis for Processing your Personal Data

If you are in the United Kingdom the processing of your Personal Data is lawful only if it is permitted under applicable data protection laws.

In the main, we rely on our legitimate interest as the lawful basis for our processing of your Personal Data.  Specifically, this processing enables us to:

  • better provide our products and services to you, including the operation of our Site;

  • estimate usage patterns;

  • store information about your preferences;

  • develop and improve our Site, our products, and our services;

  • monitor our network and information security; and

  • recognise your device when you return to our Site.

When we rely on our legitimate interest, we make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data.  We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).  You can obtain further information about how we assess our legitimate interest against any potential impact on you in respect of specific activities by contacting us.

Generally, we do not rely on consent as a legal basis for processing your personal data.  We will get your consent before sending third party direct marketing communications to you via email or other electronic message or social media platform.  You have the right to withdraw consent to marketing at any time by contacting us.

We have set out in the table below a description of the ways we process your Personal Data and the legal basis we rely on to do so.  We have also identified what our legitimate interest is, where appropriate.

We may rely on more than one lawful ground for our processing of your Personal Data, depending on the specific purpose for which we are using your Personal Data. You can contact us if you need details about the specific legal ground we are relying on to process your Personal Data where more than one ground has been specified.

Purpose/Activity

Sharing of Personal Data

We may provide your Personal Data to third party service providers that help us operate and maintain the Site, host our Site and provide other technical and operational support to us.  The third party service providers that process your Personal Data on our behalf do so in accordance with our documented instructions and we implement reasonable contractual and technical protections to limit their use of that Personal Data and to ensure its security.

We may share your Personal Data with third party companies, organisations, or individuals outside of Enoda if we have a good faith belief that access, use, preservation or disclosure of the information is reasonably necessary for us to:

  • meet any applicable law, regulation, legal process, or enforceable governmental request;

  • enforce applicable Terms of Use, including our investigation of potential violations;

  • detect, prevent, or otherwise address fraud, security, or technical issues; and

  • protect against harm to the rights, property, or safety of Enoda our partners, customers, or the public as required or permitted by law.

By submitting your Personal Data to us or continuing your use of the Site, you consent to these disclosures to the extent that your consent is necessary.

Storage of Personal Data

We will store your Personal Data only for as long as is necessary for the purpose for which it was collected, for as long as we have a lawful basis to do so, or for as long as we are required to do so by applicable law.

Transfer in the Event of Sale or Change of Control

If the ownership of all or substantially all our business changes or we otherwise transfer assets relating to our business or the Site to a third party, such as by merger, acquisition, bankruptcy proceeding or otherwise, we may transfer or sell your Personal Data to the new owner.  Unless permitted otherwise by applicable law, your Personal Data remains subject to this Privacy Policy unless you agree differently.  By submitting your Personal Data you agree to this transfer. Following a transfer, you should contact the entity to which we transferred your Personal Data with any enquiries concerning the processing of that data.

4. YOUR DATA SUBJECT RIGHTS

Depending on where you are located, applicable data protection laws may provide you with certain rights with regards to our processing of your Personal Data.  These rights may include, but are not limited to:

Access and Update:  You may access and review your Personal Data by contacting us via the information provided below.  You may also notify us of any changes or errors in any Personal Data we hold about you to ensure that it is complete, accurate, and up to date.  We may not be able to accommodate your request if we believe that to do so would be unlawful or cause the information to be incorrect.

Restrictions:  You have the right to object to or restrict our processing of your Personal Data under certain circumstances, including where we rely on our legitimate interest.  You can request that we restrict our use of your Personal Data if you contest its accuracy, if the processing of your Personal Data is determined to be unlawful, or if we no longer need to hold and process your Personal Data.

Portability:  You have the right to request that we provide you a copy of, or access to, all or part of your Personal Data in a structured, commonly used and machine-readable format.  You also have the right to request that we transmit your Personal Data to another data controller.

Withdrawal of Consent:  Where our processing of your Personal Data is based on your consent, you may withdraw your consent at any time by contacting us via the information below. Withdrawing your consent will not, however, affect the lawfulness of the processing based on your consent before its withdrawal, and will not affect the lawfulness of our continued processing that is based on any other lawful basis for processing your Personal Data.

Right to be Forgotten:  You have the right to request that we delete your Personal Data.  We may not accommodate a request to erase information if we believe the deletion would be unlawful or cause the information to be incorrect.

Complaints:  You have the right to lodge a complaint with the United Kingdom’s Information Commissioner’s Office (“ICO”).  You can contact the ICO via www.ico.org.uk or by telephone on 0303 123 1113.  Before doing so, we request that you contact us directly in order to give us an opportunity to work directly with you to resolve your concerns.

You may exercise your rights as a data subject by contacting Enoda via the contact information provided below. Depending on your request, we may need to verify your credentials before fulfilling your request and may ask you to provide additional Personal Data to enable us to do so.

You will not have to pay a fee to access your Personal Data (or to exercise any of your other rights as a data subject).  We may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.  Alternatively, we could refuse to comply with your request in these circumstances.

We try to respond to all legitimate requests within one month.  Occasionally, it could take us longer than a month if your request is particularly complex or you have made a number of requests.  In this case, we will notify you and update on our progress from time to time.

5. SECURITY OF YOUR PERSONAL DATA

We have implemented reasonable technical, administrative, and physical measures designed to secure your Personal Data from accidental loss and from unauthorized access, use, alteration, and disclosure.

However, no security protections are perfect, and we cannot guarantee, ensure, or warrant the security of any Personal Data you provide to us.  There is no guarantee that your Personal Data will not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or organisational safeguards.  E-mails and other communications you send to us through our Site are not encrypted, and we strongly advise you not to communicate any confidential information through these means.

6. CONSENT TO PROCESSING PERSONAL DATA IN OTHER COUNTRIES

Enoda's Site is operated and managed on servers located and operated within the United Kingdom. In order to provide our Site, products, and services to you, we may send and store your Personal Data outside of the United Kingdom, including to the European Economic Area and the United States.  Accordingly, your Personal Data may be transferred outside the country in which you reside or are located, including to countries that may not or do not provide an equivalent level of protection for your Personal Data.

Your Personal Data is transferred by Enoda to another country only if there are appropriate safeguards in place to protect your Personal Data.  These include an adequacy decision by the European Commission that a third country offers a comparable level of protection or the use of contractual safeguards through the International Data Transfer Agreement or the European Commission’s approved Standard Contractual Clauses.  By using our Site, you represent that you have read and understood that your Personal Data may be transferred and processed outside the United Kingdom and consent thereto.

7. CHANGES TO OUR PRIVACY POLICY

Our Privacy Policy may change from time to time.  We will post any changes to our Privacy Policy here and, if the changes are significant, we will provide a more prominent notice (including, for certain services, email notification of privacy policy changes).  We will also keep prior versions of this Privacy Policy in an archive for your review upon request.

8. QUESTIONS AND HOW CONTACT US

If you have any questions, concerns, complaints or suggestions regarding our Privacy Policy or wish to exercise your data subject rights or otherwise need to contact us, please do so via our details below:

The Data Protection Officer

Quartermile 3, Level 1,

10 Nightingale Way,

Edinburgh, EH3 9EG

privacy@enodatech.com